
SecurityTokenExpiredException reported in Azure #10625


0
shedspotter created

Hi,

product version = 9.0.1
product type = Angular
product framework type = .net core 3.1

SecurityTokenExpiredException reported in Azure

Reviewing SQL activity, the DTU utilization is low

Reviewing application insights in Azure for the web app there are frequent exceptions raised around SecurityTokenExpiredException.

Digging into the transaction detail for one example, a 12.7 delay was caused by this exception consuming /api/TokenAuth/Authenticate

Simply refreshing the login page is one example where the exception is raised. Timings can vary.

Logs:
Microsoft.IdentityModel.Tokens.SecurityTokenExpiredException:
   at Microsoft.IdentityModel.Tokens.Validators.ValidateLifetime (Microsoft.IdentityModel.Tokens, Version=5.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35)
   at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateLifetime (System.IdentityModel.Tokens.Jwt, Version=5.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35)
   at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateTokenPayload (System.IdentityModel.Tokens.Jwt, Version=5.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35)
   at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateToken (System.IdentityModel.Tokens.Jwt, Version=5.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35)
   at SSD.Web.Authentication.JwtBearer.SSDJwtSecurityTokenHandler.ValidateToken (SSD.Web.Core, Version=9.0.1.0, Culture=neutral, PublicKeyToken=null: D:\a\1\s\SSD\aspnet-core\src\SSD.Web.Core\Authentication\JwtBearer\SSDJwtSecurityTokenHandler.cs:42)
   at Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler+<HandleAuthenticateAsync>d__6.MoveNext (Microsoft.AspNetCore.Authentication.JwtBearer, Version=3.0.0.0, Culture=neutral, PublicKeyToken=adb9793829ddae60)

Thanks


3 Answer(s)
  • 0
    musa.demir created
    Support Team

    Hi @shedspotter

    That error is thrown by the System.IdentityModel.Tokens.Jwt.ValidateToken method (see: https://docs.microsoft.com/en-us/dotnet/api/system.identitymodel.tokens.jwt.jwtsecuritytokenhandler.validatetoken?view=azure-dotnet). Refreshing your browser should not cause the error. Can you please check these:

    1. Check if your token lifetime is long enough. (https://github.com/aspnetzero/aspnet-zero-core/blob/2269967cc03e5c460e2d6c0833cb97feaa5d1fad/aspnet-core/src/MyCompanyName.AbpZeroTemplate.Application.Shared/AppConsts.cs#L49)
    2. Check if your current token is really expired (you can use https://jwt.io/).
    3. Check if your current token exists; if it exists, store it. Then refresh your browser and check if they are equal.
  • 0
    shedspotter created

    Hi musa.demir,

    Thank you for the response

    Step 1: It is the same as the shared link.
    Step 2: The current token is not expired.
    Step 3: After following the 3rd step, the previous token and the new token after refreshing the browser have the same expiration time.

    Thanks

  • 0
    musa.demir created
    Support Team

    Hi @shedspotter

    Can you please share your token's exp field and the exact time you get the error (with timezone)? It might have a timezone problem.
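
Added example, not part of the original thread or of the ASP.NET Zero code base: a local way to do the check in step 2 and the timezone comparison asked for above, by decoding the token's exp claim offline and comparing it with an error timestamp that carries an explicit UTC offset. The token, the timestamps and the function names are constructed for illustration; the 300-second clock_skew_s default matches the Microsoft.IdentityModel default ClockSkew, and whether the application overrides it is an assumption.

```python
import base64
import json
from datetime import datetime, timedelta, timezone


def make_sample_token(exp: int) -> str:
    """Build a constructed, unsigned sample token (illustration only)."""
    def b64(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return ".".join([b64({"alg": "none", "typ": "JWT"}), b64({"sub": "demo", "exp": exp}), "sig"])


SAMPLE_TOKEN = make_sample_token(1609502400)  # exp = 2021-01-01T12:00:00Z (constructed)


def decode_jwt_claims(token: str) -> dict:
    """Decode the JWT payload WITHOUT verifying the signature (diagnostics only)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))


def expiry_report(token: str, error_time: str, clock_skew_s: int = 300) -> dict:
    """Compare exp with the logged error time (ISO 8601 with an explicit offset)."""
    seen = datetime.fromisoformat(error_time)
    if seen.tzinfo is None:
        raise ValueError("error_time needs a UTC offset; a naive time is ambiguous")
    seen_utc = seen.astimezone(timezone.utc)
    exp = decode_jwt_claims(token).get("exp")
    if exp is None:
        raise ValueError("token has no exp claim")
    exp_utc = datetime.fromtimestamp(exp, tz=timezone.utc)  # exp is seconds since epoch, UTC
    return {
        "exp_utc": exp_utc.isoformat(),
        "error_utc": seen_utc.isoformat(),
        "seconds_left": int((exp_utc - seen_utc).total_seconds()),
        # Lifetime validation rejects the token only once exp is older than now minus the skew.
        "expired": exp_utc < seen_utc - timedelta(seconds=clock_skew_s),
    }


if __name__ == "__main__":
    # Same wall-clock reading, two offsets: only the second one is past exp.
    print(expiry_report(SAMPLE_TOKEN, "2021-01-01T16:30:00+05:30"))
    print(expiry_report(SAMPLE_TOKEN, "2021-01-01T16:30:00+00:00"))
```

The two calls at the bottom show why the offset matters: 16:30 at +05:30 is an hour before the constructed exp, while 16:30 read as UTC is four and a half hours after it.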